Blackshades Remote Access Tool
| Type | Trojan horse |
|---|---|
| Subtype | Remote administration trojan |
| Isolation | c. 2010 |
| Author(s) | Alex Yucel and Michael Hogue |
| Operating system(s) affected | Windows |
Blackshades is the name of a malicious trojan horse used by hackers to control all computers remotely. The malware targets the computers using Microsoft Windows -based operating systems. According to US officials, over 500,000 computer systems have been infected worldwide with the software.
In 2014, the United States Federal Bureau of Investigation (FBI) arrested hundreds of people who had Blackshade in their computer. Before the FBI crackdown, Blackshades was sold for US$40, and reportedly generated US$350,000.00 in sales.
Blackshades infects computer systems by downloading onto a victim's computer when the victim accesses a malicious webpage (sometimes downloading onto the victim's computer without the victim's knowledge, known as a drive-by download) or through external storage devices, such as USB flash drives. Blackshades also included tools that assisted hackers in maximizing the amount of computer systems infected, such as a tool that sends infected links that masquerade as an innocuous site to other potential victims via the victim's social networking service.
Blackshades can reportedly be used remotely to access an infected computer without authorization. Blackshades allows hackers to perform many actions on an infected computer remotely without authorization, including the ability to:
Blackshades reportedly can be used by computer hackers with little experience or by script kiddies, hackers that use programs developed by others to attack computer systems.
Blackshades can also act as ransomware. Hackers using Blackshades can restrict access to the victim's computer and demand a ransom paid to the hacker in order for the restriction to be lifted.
Many antivirus programs can successfully detect and remove Blackshades, however hackers using the Blackshades software usually avoid detection of Blackshades infections by using software that obfuscates the Blackshades binary to avoid detection by antivirus programs, which the Blackshades organization also sold along with the Blackshades software.
...
Wikipedia